Extracted

• • Target

    0521690.bat

  • Size

    77.0MB

  • MD5

    c39a48ee3a85d4fc36fb52f723ebde61

  • SHA1

    921d4129c27baca0ebc29997da69dc79977c73ea

  • SHA256

    812d7e9c33df186a4d4973e7433caff8a16f4fd7f66c1d1bb54c25d57b8b9c7c

  • SHA512

    50fcb27ad58bcea345b6593c866301736fa4a7e71e5607f1b60fb75ec6ec0bad3d311bdb017142cb7ed5f2e439f8022f0085a7d20fd9564a93b3f462b3dc2a6a

  • SSDEEP

    24576:uRmJkcoQricOIQxiZY1iaCTUQ3aWhG0S0aj9kJGofD4:7JZoQrbTFZY1iaCTus1hGoM

  Score

  10^/10

  agenttesladiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2